Before involving TAC Engineer in the investigation, acknowledge that:

1. Follow the available rich information resources to deploy the recommended configurations and perform basic troubleshooting:
   1. Fortinet Community
   2. Fortinet Official Documentation
   3. Fortinet Video Library
      
      
2. Specialized services that are purchased separately and outside the ticket scope.
   1. FortiCare Professional Services, purchased separately to assist in designing, planning, optimizing, evolving, operating, and deploying standardized infrastructure (contact the sales team to benefit).
   2. Advanced Services, purchased separately to perform RCA analysis, upgrade assistance, and software recommendations (contact the sales team to benefit).
   3. Managed FortiGate Service purchased separately to assist to simplify and optimize network infrastructure using Fortinet security best practices and ITIL methodologies. Deploy FortiGate devices, adhere to security standards, and improve efficiency. Evaluate, implement, and verify configuration changes. To respond immediately to security incidents, identify configuration weaknesses, and implement proactive security measures (contact the sales team to benefit).
   4. FortiConverter Service a one-time license is required and purchased separately to perform configuration conversion and migration between FortiGate models or other vendors (contact the sales team to benefit).
      
      
3. Other prerequisites:
   1. A support contract is necessary for the FortiGate equipment serial number (SN) and any involved/interconnected Fortinet Fabric product equipment (FortiAP, FortiClient-EMS, FortiManager, FortiCloud, FortiSwitch, etc.).
      Verify the support contract for the Fortinet product from Fortinet Support Portal -> Product List (for detailed information, select product SN -> Entitlement).
   2. A separate ticket must be initiated for in-depth expertise with subject matter experts. 
   3. In the event of only a FortiGate license/subscription, a partial and best-effort investigation can be conducted. 
   4. Running a supported FortiOS version according to the product life cycle for the FortiGate equipment.
   5. Whenever third-party products/services are interconnected (ISP, upstream/downstream routers, upstream/downstream firewalls, VMs, PBX/VoIP systems, cloud infrastructure, servers, workstations, and endpoints), the investigation will be conducted from the FortiGate perspective.
   6. The network administrator must be able to provide proof (debug, capture, analysis, reference guide, Fortinet guide) as part of the problem description. 
   7. Collaborate with TAC representatives to perform the necessary tests and engage all parties involved to conduct a complete investigation; one-sided investigations are limited. 
   8. Only one technical issue at a time can be handled through one ticket.
   9. Configuration conversion and migration between FortiGate models and other vendors require a one-time license not performed through the ticket (refer to point v2.4).
   10. Carefully review the FortiOS Release Notes for the FortiOS version in plan to use before any update or upgrade, evaluating the features in use, the changes in behavior, and resolved/known issues. 

Still need help; engage with TAC:

1. It is recommended to approach using the web technical ticket following the instructions under Fortinet Support Portal -> Guidelines and Policies -> Ticket Creation Guide.
   
   
2. Ticket will be handled according to the purchased support level and SLAs as explained under Fortinet Support Portal -> Guidelines and Policies -> Guidelines and Policies -> FortiCompanion to Technical Support.
   
   
3. Tickets are registered either as P4/P3, and the priority can be increased to P1/P2 only by providing proof of relevant business impact as per agreement in FortiCompanion to Technical Support. Priority changes can be requested by phone to the toll-free numbers (Fortinet Contact Support Information).

4. Explain the technical problem accurately, including the following points (mandatory):
   1. Problem description explaining how FortiGate is suspected to be impacting the issue.
   2. Historical information on the issue to understand if any recent changes or events could have impacted it. 
   3. Network Diagram (image, pdf, Visio, doc) of the impacted network segment where FortiGate is connected.
   4. Equipment replacement is requested (RMA). 
      1. Option A > Mandatory proof of faulty device HQIP test, debugs, screenshots as per engineer request.
      2. Option B > Proof or acknowledgement of the P-RMA contract. 
         Important Note: Fortinet strongly recommends HA(High-Availability) deployment as the ultimate strategy for business continuity in cases of major disasters. The RMA process implies engaging logistics from a third party that can impact the speed of delivery. For more information, refer to the support contract in place as explained under Fortinet Support Portal -> Guidelines and Policies -> FortiCompanion to RMA Services. 
         
         
5. Files and information required for a quick investigation (mandatory):
   1. A copy of the running configuration of the FortiGate
   2. A copy of the unit 'Debug Log'
   3. A copy of the output of the HQIP test (only for faulty units and replacement requests/RMA).
      
      

6. Further technical assistance:

   1. If the unit is delivered in a different timezone where the unit has been purchased/registered, advise the engineer that support in a specific timezone is needed as Fortinet Support operates 24/7
   2. The TAC engineer can propose a remote session (through the GoToMeeting application link) only after a clear understanding of the issue and performing additional tests to move forward with the investigation.
   3. The engineer will advise changes that have a minor impact on production. It is recommended that major changes (routing changes, SD-WAN migrations, upgrades, HA failover, etc.) be evaluated and performed under a maintenance window. 
   4. The engineer will pursue reproducing (if applicable) the issue only if enough proof has been provided to suspect an unexpected behavior to build enough evidence and pursue an R&D investigation. These types of investigations are handled only through TAC.